Mozilla Firefox users need to update the browser immediately: CERT-in alerts

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting Mozilla Firefox users about multiple vulnerabilities in the internet browser and has asked that they update it immediately.

The CERT-In advisory states that these browser vulnerabilities can be exploited by remote attackers to obtain sensitive information via the browser and execute arbitrary code on the targeted system.

You may be interested in

MobilesTablets Laptops

28% OFF

Samsung Galaxy S23 Ultra 5G

• Green
• 12 GB RAM
• 256 GB Storage

Discounted price:₹107,999Original price:₹149,999

Buy now

Google Pixel 8 Pro

• Obsidian
• 12 GB RAM
• 128 GB Storage

₹106,998

Check details

Vivo X100 Pro 5G

• Asteroid Black
• 16 GB RAM
• 512 GB Storage

₹89,999

Check details

Apple iPhone 15 Plus

• Black
• 6 GB RAM
• 128 GB Storage

₹87,900

Check details

35% OFF

Xiaomi Pad 6

• Mist Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹25,999Original price:₹39,999

Buy now

55% OFF

Lenovo Tab M10 5G

• Abyss Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹20,999Original price:₹47,000

Buy now

32% OFF

Realme Pad 2

• Imagination Grey
• 6 GB RAM
• 128 GB Storage

Discounted price:₹19,668Original price:₹28,999

Buy now

Honor Pad X9

• Gray
• 4 GB RAM
• 128 GB Storage

₹14,999

Check details

21% OFF

Acer Swift Go SFG14 41 NX KG3SI 002 Laptop

• Pure Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹58,990Original price:₹74,999

Buy now

41% OFF

Acer Aspire 5 A515 57G Laptop

• Gray
• 16 GB RAM
• 512 GB SSD

Discounted price:₹52,990Original price:₹89,999

Buy now

41% OFF

Acer Aspire 3 A315 24 NX KDESI 004 Laptop

• Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹34,490Original price:₹57,999

Buy now

40% OFF

Asus VivoBook 15 X515JA BQ322WS Laptop

• Transparent Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹31,350Original price:₹51,990

Buy now

CERT-In has rated the severity as 'High' on all Mozilla Firefox browsers prior to version 75 and Mozilla Firefox ESR prior to version 68.7 which have been affected. The advisory thus recommends that everyone update their browser to the latest version immediately.

"Out-of-Bounds Read Vulnerability in Mozilla Firefox ( CVE-2020-6821 ). This vulnerability exists in Mozilla Firefox due to a boundary condition when using WebGLcopyTexSubImage method. A remote attacker could exploit this vulnerability by specially crafted web pages.Successful exploitation of this vulnerability could allow a remote attacker to disclose sensitive information," the advisory said.

According to reports, another vulnerability exists in Mozilla Firefox due to a boundary condition in GMP Decode Data while processing images larger than 4GB on 32-bit builds. A remote attacker can exploit this vulnerability by specially crafted images and trick the victim into opening it. If this vulnerability is successfully exploited that could allow an attacker to "execute arbitrary code on the target system".

A remote attacker can also exploit another vulnerability by "persuading a victim to install a crafted extension. Successful exploitation of this vulnerability could allow a remote attacker to disclose sensitive information".

"Information Disclosure Vulnerability in Mozilla Firefox ( CVE-2020-6824). This vulnerability exists in Mozilla Firefox to generate a password for a site but leaves Firefox open.A remote attacker could exploit this vulnerability by revisiting the same site of the victim and generating a new password. The generated password will remain the same on the targeted system," the advisory added.

Other vulnerabilities include 'Buffer Overflow Vulnerability in Mozilla Firefox (CVE-2020-6825)' and 'Memory Corruption Vulnerability in Mozilla Firefox (CVE-2020-6826)'.